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DETAILED ACTION 
Docketing 

1 . Please note that the application has been re-docketed to a different examiner. 
Please refer all future communications regarding this application to the examiner of 
record using the information supplied in the final section of the Office action. 

This Office action is responsive to the Applicant's Amendment filed 03/07/2007. 
Claims 5, 16 and 22 are amended. 
Claims 1-25 are pending. 

Response to Arguments 

2. Applicant's arguments filed 03/07/2007 have been fully considered but they are 
not persuasive. 

Applicant argues, "Nowhere in Cook is a connection made between this upload 
and any registration of the user or a first party as relying upon a certificate. Cook in fact 
does not fairly disclose nor suggest the clement of claim 1 directed to registering a first 
party as a party relying upon second party's certificate. Therefore for at least this 
reason, the rejection of claim 1 as anticipated by Cook cannot stand" (Page 2 of 
Remarks). 

Examiner respectfully disagrees with this argument. Cook clearly discloses, 
"After receiving, or before downloading, the electronic certificate 154, Bob 30 may 
construct a contract, or CAP, with the certificate server 100 using module 210, step 254. 
The CAP is for notification of changes in the electronic certificate 154. Contract 
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construction is explained with reference to FIG. 3 below. Bob 30 submits the contract to 
the certificate server 100, step 256. Using module 210, the processor 200 determines 
whether the contract submitted by Bob 30 is acceptable, step 258" (Figure 2, col. 9, 

* 

lines 5-15). Therefore, Cook clearly discloses the step of "registering a first party as a 
party relying upon second party's certificate." 

Applicant further argues, "The rejections of these claims however rely on Cook 
for the element related to registering a first as a party relying upon a second party's, 
certificate which is present in each of the claims 7-10 and 22-25. As discussed above, 
this element of the claims is neither disclosed nor suggested by Cook and therefore the 
rejection of claims 7-10 and 22-25 as unpatentable over Cook in view of Kaliski cannot 
stand and should be withdrawn for at least this reason." 

Examiner respectfully disagrees with applicant. Examiner would like to point out 
the response for this argument indicated above. 

For at least the above reasons, it is believed that the rejection is maintained. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
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applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

3. Claims 1-6 and 1 1-21 are rejected under 35 U.S.C. 102(e) as being anticipated 
by Cook et al. (U.S. Patent No. 6,922,776) hereinafter Cook. 

With the respect to claims 1 and 16, Cook reference teaches 
registering a first party as a party relying upon a second party's certificate (Figure 
2, col. 9, lines 5-15); Bob 30 submits the contract to the certificate server 100, step 

256); 

revoking the second party's certificate after registering the first party (see col. 6, 
lines 47-54; col. 7, lines 13-20; replacement of the entire electronic certificate with a 
new electronic certificate); and 

initiating communication with the first party to indicate that the second party's 
certificate has been revoked (see col. 6, lines 55-62; certificate server second module is 
for notifying a user of the electronic certificate condition when its revoked). 

With the respect to claims 2 and 17, Cook reference teaches wherein revoking 
the second party's certification further comprises: receiving a request to revoke the 
second party's certificate (see col. 7, lines 13-22; col. 7, lines 40-48; revocation of the 
electronic certificate); and 
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revoking the second party's certificate in accordance with a revocation policy 
associated with the second party's certificate in response to the request (see col. 7, 
lines 13-22; col. 7, lines 40-48; revocation of the electronic certificate). 

With the respect to claims 3 and 18, Cook reference teaches wherein initiating 
communication with the first party (see col. 6, lines 55-57; certificate server second 
module is for notifying a user) further comprises sending a revocation message to a 
machine (see col. 6, lines 44-47 "workstation, pc, fax machine, etc") that is associated 
with the first party (see coi. 7, lines 1-8; col. 7, lines 40-48; notify by electronic mail the 
certificate user the certificate change of condition like revocation). 

With the respect to claims 4 and 19, Cook reference teaches further comprising 
the machine (see col. 6, lines 44-47; "workstation, pc, fax machine, etc.") associated 
with the first party verifying the authenticity of the revocation message (see col. 7, lines 
1-8; col. 7, lines 40-48; col. 8 line 60-co1.9 line 5; "executing various authentication 
procedure - and modifying access control information of the machine to indicate the 
revocation of the second party's certificate (see col. 8, lines i-5; "updating the electronic 
certificate with respect to the certificate user to the new version of the electronic 
certificate"). 

With the respect to claims 5 and 20, reference teaches wherein accepting the 
request to revoke the second party's certificate comprises accepting the request by 
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authenticating a signature (see col. 8, lines 60-64; "The certificate server may sign, or 
authenticate Alice's electronic certificate") incorporated in the request with one of a list 
of revoker certificates associated with the second party's certificate (see col. 7, lines 30- 
34; a certificate revocation list-CRL). 

With the respect to claims 6 and 21 , Cook reference teaches wherein the server 
initiating communication with a first party (see col. 6, lines 55-57; certificate server 
second module is for notifying a user) further comprises the server sending an email 
message to an email address for the first party (see col. 7, lines 1-8; "electronic mail"). 

With the respect to claim 1 1 , Cook reference teaches a processor based server 
system (see col. 6, lines 35-38) comprising: a registration database (see col. 10, lines 
10-30; selection of contracts associated with users are stored in a database on the 
certificate server) to register a first party as a relying party for a second party's 
certificate (Figure 2, col. 9, lines 5-15); Bob 30 submits the contract to the certificate 
server 100, step 256); 

♦ 

a revocation module (see col. 6, lines 38-41; col. 7, lines 40-48) to revoke the 
second party's certificate after the first party is registered (see col. 6, lines 47-54; 
revocation/replacement of the entire electronic certificate with a new electronic 
certificate); and 
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an interface with a communication network (see col. 5, lines 19-28; a 
communication channel that comprise a network) to initiate communication to indicate to 
the first party that the second party's certificate has been revoked (see col. 6, lines 55- 
62; certificate server second module is for notifying a user of the electronic certificate 
condition when its revoked). 

With the respect to claim 12, Cook reference teaches further comprising: a 
machine readable medium accessible from a processor of the server (see col. 8, lines 
47-50; electronic certificate may be distributed on machine readable magnetic/optical 
media) having stored thereon an acceptance policy in accordance with which a 
revocation request received via the interface may be accepted (see col. 8, lines 47-50; 
"electronic certificate") , and further having stored thereon a revocation policy in 
accordance with which the second party's Certificate may be revoked (see col. 8, lines 
16-20; col. 6, lines 61-62; col. 7, lines 40-44; the certificate server stores electronic 
certificates with conditions of revocation). 

With the respect to claim 13, Cook reference teaches wherein the revocation 
module is operable to send a revocation message to a machine that is associated with 
the first party, via the interface (see col. 6, lines 55-62; col. 7, lines 1-8; col. 7, lines 40- 
48; col. 8, lines 51-59; certificate server second module is for notifying a user of the 
electronic certificate condition of revocation through electronic mail to the users 
workstation, pc, or other type of processors capable of electronic communications). 
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With the respect to claim 15, Cook reference teaches wherein the revocation 
module (see col. 6, lines 38-41 ; col. 7, lines 40-48) is operable to send a revocation 
message to a machine operable by the user (see col. 7, lines 1-8; col. 7, lines 40-48) to 
access the web site (see col. 10, lines 5-9). 

With the respect to claim 14, Cook reference teaches a processor based server 
(see col. 6, lines 35-38) comprising: a registration database (see col. 10, lines 10-30; 
selection of contracts associated with users are stored in a database on the certificate 
server) to register a user as a relying party for a digital certificate of a web site, the 
certificate to verify messages from the web site (Figure 2, col. 9, lines 5-15); Bob 30 
submits the contract to the certificate server 100, step 256); 

a machine readable medium accessible from a processor of the server (see col. 
8, lines 47-50; electronic certificate may be distributed on machine readable 
magnetic/optical media) having stored thereon an acceptance policy in accordance with 
which a revocation request received via an interface to communication network may be 
accepted (see col. 8, lines 47-50; "electronic certificate"), and further having stored 
thereon a revocation policy in accordance with which the digital certificate of the web 
site may be revoked in response to the revocation request (see col. 8, lines 16-20; col. 
6, lines 55-62; col. 7, lines 40-48; the certificate server stores electronic certificates with 
conditions of revocation); 
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a revocation module (see col. 6, lines 38-41; col. 7, lines 40-48) to revoke the 
digital certificate of the web site in accordance with the revocation policy (see col. 6, 
lines 47-54; col. 7, lines 40-45; revocation/replacement of the entire electronic certificate 
with a new electronic certificate); and 

an interface with a communication network (see col. 5, lines 19-28; a 
communication channel that comprise a network) to indicate to the user that the web 
site's certificate has been revoked (see col. 6, lines 55-62; certificate server second 
module is for notifying a user of the electronic certificate condition when revoked). 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 7-10 and 22-25 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Cook et al. (U.S. Patent 6,922,776) hereinafter Cook in view of 
Kaliski Jr., (U.S. Patent 6,085,320) hereinafter Kaliski. 

With the respect to claims 7 and 22, Cook reference teaches registering an user 
as a party relying upon a digital certificate for a web site, the certificate to verify 
messages from the web site certificate (Figure 2, col. 9, lines 5-15); 
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receiving a request to revoke the digital certificate of the web site after registering 
the user (see; col. 7, lines 13-22; col. 7, lines 40-48); 

revoking the digital certificate of the web site in response to the request (see col. 
6, lines 47-54; col. 7, lines 13-22; col. 7, lines 40-48); and 

initiating communication with the user to indicate that the digital certificate of the 
web site has been revoked (see col. 6, lines 55-62). 

Cook reference doesn't teach authenticating the request in accordance with a 
pre-defined policy. Kaliski Jr. reference teaches authenticating the request in 
accordance with a pre-defined policy (see col. 2, lines 22-35; col. 4, lines 5-9; col. 5, 
lines 30-31). It would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains to have modified 
Cook reference to include the teachings of Kaliski Jr. to have included the step of 
authenticating the request in accordance with a pre-defined policy for the integrity of the 
communication between the parties and also "for protection against the certification 
authority or unauthorized servers, respectively" (see Kaliski Jr. col. 2, lines 39-41). 

With the respect to claims 8 and 23, Cook reference teaches wherein initiating 
communication with the user to indicate that the digital certificate of the web site has 
been revoked (see col. 6, lines 55-62) further comprises: 

sending a message directly to a machine (see col. 6, lines 44-47; "workstation, pc, fax 
machine, etc' associated with the user, to indicate that the web site's digital certificate 
has been revoked (see col. 6, lines 55-62; col. 7, lines 1-8; col. 7, lines 40-48). 
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With the respect to claims 9 and 24, Cook reference teaches further comprising, 
in the machine used by the user (see col. 6, lines 44-47; "workstation, pc, fax machine, 
etc"): authenticating the message to verify that it was sent by the server (see col. 7, 
lines 1-8; col. 7, lines 40-48; col. 8 line 60-col. 9 line 5); and changing settings for web 
access to reflect the revocation of the digital certificate of the web site (see col. 7, lines 
13-20; col. 9 lines 3-5). 

With the respect to claims 10 and 25, Cook reference teaches authenticating a 
digital signature (see col. 8, lines 60-64) incorporated in the request with a list of digital 
certificates previously defined as revoker certificates for the web site (see col. 7, lines 
30-34). 

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
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the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Baotran N. To whose telephone number is 571-272- 
8156. The examiner can normally be reached on Monday-Friday from 8:00 to 4:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Y. Vu can be reached on 571-272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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